Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Send SNMP trap to other systems

mznikkip
Engager
‎04-18-2012 07:03 AM

I've read the documentation on how to send SNMP traps to other systems, however, I'm confused. How does traphosts.pl know to run sendsnmptrap.pl? I have the IP addresses for my trap receivers but not sure which parameters to change in sendsnmptrap.pl.

Tags (3)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

briang67
Communicator
‎04-18-2012 08:33 AM

In the sendsnmptrap.pl you'll want to change the $hostPortSNMP wiith the IP and port of your trap receiver.

View solution in original post

Reply
Solved! Jump to solution
Solution

briang67
Communicator
‎04-18-2012 08:33 AM

In the sendsnmptrap.pl you'll want to change the $hostPortSNMP wiith the IP and port of your trap receiver.

Reply
Solved! Jump to solution

mznikkip
Engager
‎04-19-2012 11:22 AM

Ahhh got it. I did a yum install for net-snmp-utils and now it seems to be working. Thanks for your help through this matter!

0 Karma
Reply
Solved! Jump to solution

briang67
Communicator
‎04-19-2012 09:46 AM

The snmptrap binary is in a separate rpm: net-snmp-utils.

0 Karma
Reply
Solved! Jump to solution

mznikkip
Engager
‎04-19-2012 07:24 AM

Ok done and done. Sorry for all the questions! I installed Net-SNMP but snmptrap does not appear in /usr/bin. In the directory where I did install it, I still don't even see /bin directory or 'snmptrap'.

0 Karma
Reply
Solved! Jump to solution

briang67
Communicator
‎04-18-2012 08:56 AM

One way to test would be to just run a tcpdump or snoop on the receiving host to see if the trap was received.

0 Karma
Reply
Solved! Jump to solution

briang67
Communicator
‎04-18-2012 08:52 AM

You can set a second variable like #hostPortSNMP2 and just run the $cmd a second time substituting the new variable

0 Karma
Reply
Solved! Jump to solution

mznikkip
Engager
‎04-18-2012 08:36 AM

Is there a way to send to two different trap receivers? Or would I have to create another sendsnmptrap.pl?
Also, how do I test to make sure it's working?

0 Karma
Reply
Solved! Jump to solution

briang67
Communicator
‎04-18-2012 08:31 AM

We use the trap script extensively at my company for alerting purposes. With our setup we call a shell script from the saved search called sendtrap.sh - that calls a customized version of the perl script sendsnmptrap.pl. The script passes the parameters needed for the perl script.

The shell script looks like this:

 #!/bin/sh
cd /opt/splunk/bin/scripts
$(./sendtrapv15.pl "$1" "$2" "$3" "$4" "$5" "$6" "$7" "$8")
0 Karma
Reply
Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...